Networked

1111214161722

Comments

  • Type your comment> @daemon37 said:

    Overthinking caused me to take 3 days extra. Easy machine if you stick to basics.

    I have the feeling indeed that I am overthinking it, I am already 4 days far with it. Please PM with some tips, I think you know the feeling...

  • Fuck cant find the exploitable file for root. Where is that ch*****n******.sh you are all talkin about.Am I on the wrong machine? Looked for all suid files and it is not there...

  • I got initial shell, looked in user home at the two files, ran through the php functions but do not understand how to PE from here. Dm a hint please? Thanks

  • also stuck on user. i have a low priv shell but can't seem to PE. any help appreciated.
  • Can anyone give me a hand getting the user, i've tried so many different things now. i have a shell on the box and found the C****-A******.php file and been reading it and trying different ways to exploit it but cant get it working.

    please help me by PM!

    Happy hacking!

  • The only issue in this box for me was trying the box on an offline Apache server due to which I wasted hours on being unable to exploit the vulnerability for getting shell. Rest of the box was quite easy. I suppose this is the easiest box in the current line up.

    Fellow HTB buddies can drop a PM if they need help.

    Omnisec

  • does the uploaded file need to end with php or an image extension

  • Hi guys!
    I am really stuck on user -- I have a shell but need a little bit of a push/what direction to head in to get access to the flag. I have a few ideas... can anyone hit me up with a message if they have a sec?

    Thanks!

  • Finally rooted! This was simple but also infuriating....

  • Can anyone give me a nudge? I am trying to get php running (loaded a reverse shell file). But no luck triggering it (using phpinfo(); to confirm). Also found a nice 2*****.c exploit for C*****n but somehow won't compile, not sure if it is a rabbit hole.

  • I'm stuck! I know nothing about b**h, so I have no clue what to do with the c****a*****-file. Can someone please message me? I'm learning, just not fast enough =)

  • Type your comment> @Impulse said:

    Read this ..
    U get root within seconds !! :)
    http://tiny.cc/hjbtdz

    haha seems fishy> @Impulse said:

    Read this ..
    U get root within seconds !! :)
    http://tiny.cc/hjbtdz

    lol beef hooK?

    Huejash0le

  • Well this is my first box, I uploaded shell, run ca.php, saw cn*.sh and still can't figure out how to get user and root. I'll be very appreciative for a nudge.

  • Type your comment> @imd said:

    Well this is my first box, I uploaded shell, run ca.php, saw cn*.sh and still can't figure out how to get user and root. I'll be very appreciative for a nudge.

    which user are u now?

  • Type your comment> @Othell0 said:

    Type your comment> @imd said:

    Well this is my first box, I uploaded shell, run ca.php, saw cn*.sh and still can't figure out how to get user and root. I'll be very appreciative for a nudge.

    which user are u now?

    apache

  • Type your comment> @imd said:

    Type your comment> @Othell0 said:

    Type your comment> @imd said:

    Well this is my first box, I uploaded shell, run ca.php, saw cn*.sh and still can't figure out how to get user and root. I'll be very appreciative for a nudge.

    which user are u now?

    apache

    Yes try to discover what ca.php does and look for a way to exploit this for escalation

  • any hint for the user or root
    P.M

  • I need help with the user, can someone please pm me?

  • Any hints about the linenumber I need to look at for root? and maybe some documentation that might be handy for this?

  • rooted it, learned something there

  • Finally got user and root today! Been at it for a couple days on and off. Very new to all this so many thanks to @OxLumens and @rholas for some hints along the way! Great learning experience and my first box.

  • can anyone help me with networked machine. I gained a low privilege shell first. Then, i browsed to the /html dir where I found 4 php files and also c****_a*****php on another dir. I got a hint to create a file in /u***** dir to get user. Then i went to get user and i found that a user has already created that file. I created the same file and it worked. But, I am unable to completely understand how it's working. I read the php files and got some idea but, I can't completely get it to the verge of getting the idea to create that file and execute it correctly.

  • Finally rooted. PM for hints.

  • I had difficulty with root, after reading suggestions for fuzzing the script it became very clear. I learned a lot from this machine even though some parts were difficult.

  • edited October 2019

    Hi there, I'm a newbs here and networked is actually my first box. Getting the userflag was pretty easy given we litteraly have the source code but ... I can't get the password from the hash, seems like it's not in the crackstation db nor in the leaks i've collected -_-', can someone pm me the pwd in clear || some hint so i can continue to root ?

    /e: Finally PWND, big thanks to @Othell0

  • You dont need to crack the user.txt. This is the goal, just paste it to the site

  • thank you so much @vider and @OxLumens for your great support.

    @vider once again thanks a lot.

  • Noob here, I'm stuck and can't figure out how to change my payload to something that will be uploadable. A seriously strong hint or pm would be greatly appreciated

  • You can gather all the pieces to the puzzle if you carefully read all you're given. Nothing is hidden from you in this machine so it is up to you to spot the weaknesses.

    user:
    really examine what the script is doing
    maybe you can hijack the functionality

    root:
    Same thing understand what the script does
    all the pieces are there just understand how it works
    maybe the way we perceive numbers can be changed to accomplish something

  • Got User but really stuck on root.

    I think i found the necessary file, also have some ideas.
    But every input fails, i always get permission errors...
    Any kind of help is highly appreciated :)

Sign In to comment.